Can't save page after Intergrating Xinha into Phpwebed

[V]

Hello,

I have Xinha up and running in the text area of the CMS Phpwebed (Please see http://www.m-tecs.net/phpwebed/example1.php) for a demo.

I'm unable to save any changes I make after Xinha is integrated. After modifying some text with Xinha and clicking the Save Button in Phpwebed the page refreshes but doesn’t post any of the changes to the Phpwebed file.

Maybe you can help me out here is the code.

<?

include "config.inc.php";
include "$phpWebEd_language.inc.php";

if (!check_user()) {
	echo "$no_auth_str\r\n";
	exit;
}
if ($content == "") {
    echo "Access denied! \r\nWrong parameter count.\r\n";
    exit;
}
$contentfile = $phpWebEd_dir . "/contents/" . $content . ".html";
if (is_file($contentfile)) {
    $status = "$content_modified_str<br>" . date("Y-m-d H:i:s", filemtime($contentfile));
} else {
    if ($fp = @fopen($contentfile, "w")) fclose($fp);
    else {
        echo "Error reading/writing file! \r\nPlease check the file permissions.\r\n";
        exit;
    }
}
if ($content != "" && isset($htmlsource)) {
    if ($edtype != "ax") {
        $is_tag = False;
        for ($i = 0; $i <= strlen($htmlsource); $i++) {
            if ($htmlsource[$i] == "<") $is_tag = True;
            if ($is_tag) $tmp .= $htmlsource[$i];
            else $tmp .= htmlentities($htmlsource[$i]);
            if ($htmlsource[$i] == ">") $is_tag = False;
        }
        $htmlsource = $tmp;
    }
    copy($contentfile, $contentfile . ".bak");
    $fp = fopen($contentfile, "w");
    if ($only_trusted_tags == 1) $htmlsource = strip_tags($htmlsource, $trusted_tags);
    fwrite($fp, stripslashes($htmlsource));
    if (fclose($fp)) {
        if ($edtype == "ax") echo "OK\r\n";
        else echo "<script language=\"JavaScript\">opener.location.reload();\n window.close();</script>";
    }
    exit;
}
if ($imagefile != "" && $imagefile_name != "") {
   set_time_limit(120);
   $new_imagefile = $phpWebEd_dir . "/contents/" . $imagefile_name;
   if (copy($imagefile, $new_imagefile)) echo "OK\r\n";
   exit;
}	
if ($deleteimage != "") {
   if (unlink($phpWebEd_dir . "/contents/" . $deleteimage)) echo "OK\r\n";
   exit;
}
?>
<html>
<head>
<? echo "<title>$content - $editor</title>";?>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript">
<!--
function ok() {
   <? 
   echo "document.editform.submit();";
   ?> 

}
function cancel() {
   <? 
   echo "window.close();";
   ?>     
}
//-->
</script>
<script type="text/javascript">
   _editor_url = "/xinha/";
   _editor_lang = "en";
</script>

    <!-- load the main HTMLArea file -->
    <script type="text/javascript" src="/xinha/htmlarea.js"></script>
    <script type="text/javascript" src="/xinha/my_config.js"></script>
    
    </head>

<body bgcolor="#DDDDDD" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellspacing="0" cellpadding="0" height="100%">
  <tr> 
    <td width="10%" align="center" valign="top" bgcolor="#666666"> 
      <p>&nbsp;</p>
      <p><a href="javascript:ok();"><img src="images/ok.gif" width="40" height="40" border="0"></a><br>
        <font face="Verdana, Arial" size="1" color="#FFFFFF"><? echo $edit_save_str;?></font></p>
      <p><a href="javascript:cancel();"><img src="images/cancel.gif" width="40" height="40" border="0"></a><br>
        <font face="Verdana, Arial" size="1" color="#FFFFFF"><? echo $edit_cancel_str;?></font></p>
    </td>
    <td width="90%" rowspan="2" align="center" valign="middle"><?
   if ($edtype == "ax") {
    ?>
      
      
<?
}
else {
    ?>      
<script language="JavaScript">
<!--
function newhtml(code) {
	document.editform.htmlsource.value += code;
	document.editform.htmlsource.focus();
}
function format(format) {
	if (format == 'B') ptext="<? echo $format_bold_str;?>";
	if (format == 'I') ptext="<? echo $format_italic_str;?>";
	if (format == 'U') ptext="<? echo $format_underline_str;?>";
	if (format == 'CENTER') ptext="<? echo $format_center_str;?>";
	if (format == 'BIG') ptext="<? echo $format_big_str;?>";
	if (format == 'SMALL') ptext="<? echo $format_small_str;?>";
	text = prompt("<? echo $format_str;?>"+ptext,"");     
	if (text != "" && text != null) {           
		code = "<"+format+">"+text+"</"+format+">";
		newhtml(code);
	}  
}
function list(format) {
	text = prompt("<? echo $list_first_str;?>","");     
	if (text != "" && text != null) { 
		code = "\n<"+format+">\n";
		while (text != "" && text != null) {
			code += " <LI>"+text+"\n";
			text = prompt("<? echo $list_next_str;?>","");
		}
		code += "</"+format+">";
		newhtml(code);
	}  
}
function link() {
	text = prompt("<? echo $link_url_str;?>","http://");
	if (text != "" && text != null) { 
		code = "<A HREF=\""+text+"\">";
		text2 = prompt("<? echo $link_name_str;?>","");
		if (text2 == "" || text2 == null) text2 = text;
		code += text2+"</A>";
		newhtml(code);
	}  
}
//-->
</script>
      <table border="0" cellspacing="0" cellpadding="5">
        <tr> 
          <td nowrap><img onClick="format('B')" src="images/bold.gif" alt="<? echo $pic_bold_str;?>" width="23" height="22" border="0"> 
            <img onClick="format('I')" src="images/italic.gif" alt="<? echo $pic_italic_str;?>" width="23" height="22" border="0"> 
            <img onClick="format('U')" src="images/underline.gif" alt="<? echo $pic_underline_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="format('CENTER')" src="images/center.gif" alt="<? echo $pic_center_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="format('BIG')" src="images/big.gif" alt="<? echo $pic_big_str;?>" width="23" height="22" border="0"> 
            <img onClick="format('SMALL')" src="images/small.gif" alt="<? echo $pic_small_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="list('OL')" src="images/ol.gif" alt="<? echo $pic_ol_str;?>" width="23" height="22" border="0"> 
            <img onClick="list('UL')" src="images/ul.gif" alt="<? echo $pic_ul_str;?>" width="23" height="22" border="0">&nbsp;&nbsp; 
            <img onClick="link()" src="images/link.gif" alt="<? echo $pic_link_str;?>" width="23" height="22" border="0">&nbsp;&nbsp;&nbsp; 
            <img onClick="newhtml('<BR>')" src="images/br.gif" alt="<? echo $pic_br_str;?>" width="23" height="22" border="0"> 
          </td>
          <td align="right" nowrap><font face="Verdana, Arial, Helvetica, sans-serif" size="1"> 
            <a href="http://www.m-tecs.net/phpwebed/" target="_blank">phpWebEd 
            <? echo $phpWebEd_version;?>
            </a> </font></td>
    </tr>
    <form name="editform" method="post" action="<? echo $PHP_SELF;?>">
      <tr> 
        <td nowrap colspan="2"> 
          <textarea name="htmlsource" cols="60" rows="18" wrap="VIRTUAL" style="width: 100%" id="htmlsource"><?
		  if (!($fp = @fopen($contentfile, "r"))) echo "Error reading file";
		  else {
			$htmlsource = fread($fp, filesize($contentfile));
			fclose($fp);
			echo $htmlsource;
		  }
          ?></textarea>
          <input type="hidden" name="content" value="<? echo $content;?>">
        </td>
      </tr>
    	<tr>
			<td><input type="submit" value=">>  Submit  >>"></td>
		</tr>
    </form>
  </table>
<?
}
?>  
    </td>
  </tr>
  <tr>
    <td valign="bottom" bgcolor="#666666"><font size="1" face="Arial, Helvetica, sans-serif" color="#DDDDDD"><? echo $status;?></font></td>
  </tr>
</table>
</body>
</html>

Thanks,

V

[niko]

does it work if you use a textarea without xinha? what do you get on print_r($_POST); in the save-page?

[gogo]

Errors in the javascript console?

I'd suggest you wrap $htmlsource in htmlspecialchars to be safe.

And finally, move this discussion to the forums, I don't think this will be a Xinha bug.